apple vulnerabilities and exploits

6.8
CVSSv2
CVE-2012-6094

cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system...

5.6
CVSSv2
CVE-2019-8900

A vulnerability in the Boot ROM of some Apple devices can be exploited by an unauthenticated local attacker to execute arbitrary code upon booting those devices. The Boot ROM, which is located within the processor, contains the first code executed by the processor upon booting...

2.1
CVSSv2
CVE-2019-8519

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. An application may be able to read restricted memory....

4.3
CVSSv2
CVE-2019-8705

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15, tvOS 13. Processing a maliciously crafted movie may result in the disclosure of process memory....

2.1
CVSSv2
CVE-2019-7293

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to read kernel memory....

9.3
CVSSv2
CVE-2019-8593

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges....

AppleIphone OsTvosWatchos
7.5
CVSSv2
CVE-2019-7290

An access issue was addressed with additional sandbox restrictions. This issue is fixed in Shortcuts 2.1.3 for iOS. A sandboxed process may be able to circumvent sandbox restrictions....

2.1
CVSSv2
CVE-2019-7289

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Shortcuts 2.1.3 for iOS. A local user may be able to view senstive user information....

9.3
CVSSv2
CVE-2019-8590

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with kernel privileges....

6.8
CVSSv2
CVE-2019-8792

An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution....